Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit bd5458d

Browse filesBrowse files
ndosscheaduh95
ndossche
authored and
aduh95
committed
crypto: fix missing nullptr check on RSA_new()
Not checking this can cause a null deref. Since there is already a null check at the bottom of the function with `NewRSA()`. PR-URL: #61888 Reviewed-By: Anna Henningsen <anna@addaleax.net>
1 parent 8287ca7 commit bd5458d
Copy full SHA for bd5458d

1 file changed

+9-1Lines changed: 9 additions & 1 deletion

File tree

Expand file treeCollapse file tree
Open diff view settings
Filter options
Expand file treeCollapse file tree
Open diff view settings
Collapse file

‎src/crypto/crypto_rsa.cc‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_rsa.cc
+9-1Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -385,6 +385,11 @@ KeyObjectData ImportJWKRsaKey(Environment* env,
385385
KeyType type = d_value->IsString() ? kKeyTypePrivate : kKeyTypePublic;
386386

387387
RSAPointer rsa(RSA_new());
388+
if (!rsa) {
389+
THROW_ERR_CRYPTO_OPERATION_FAILED(env, "Unable to create RSA pointer");
390+
return {};
391+
}
392+
388393
ncrypto::Rsa rsa_view(rsa.get());
389394

390395
ByteSource n = ByteSource::FromEncodedString(env, n_value.As<String>());
@@ -435,7 +440,10 @@ KeyObjectData ImportJWKRsaKey(Environment* env,
435440
}
436441

437442
auto pkey = EVPKeyPointer::NewRSA(std::move(rsa));
438-
if (!pkey) return {};
443+
if (!pkey) {
444+
THROW_ERR_CRYPTO_OPERATION_FAILED(env, "Unable to create key pointer");
445+
return {};
446+
}
439447

440448
return KeyObjectData::CreateAsymmetric(type, std::move(pkey));
441449
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.